Breaches

UK and US to Carry Out Cyber Security Stress Tests

The UK and the US have announced they are going to carry out a cyber security stress test to find out how well the two nations’ financial sectors would hold up if they came under attack.

No date has been set for the tests, but it was reported by a British official on Monday (2 November) that the exercise would focus on how well the world’s two largest financial centres – New York and London – would respond in the case of a cyber attack.

A spokesman for British Government’s cyber-security body CERT-UK explained in a statement: “It is testing how we would react to ‘x’ scenario, how would our colleagues in the US react to the same, and how would we then coordinate communications with each other, to the sector and within the sector.

“There will be no testing of cash machines coming down, banks coming down or anything like that.”

The cyber security stress tests have been touted for a long time; Prime Minister David Cameron and President Barack Obama agreed to undergo the joint examination back in January 2014, but exactly what form the test would take has remained unclear.

The continuous stream of high profile data breaches in both countries has acted as a reminder about the importance of getting cyber security right. Indeed, last month hacking attacks compromised the data of four million customers of British telecoms company TalkTalk and 15 million clients of T-Mobile in the US.

The US Treasury, Britain’s finance ministry, the Bank of England (BoE) and US regulators would take part and intelligence agencies are also likely to play a role in the financial sector stress tests, the CERT-UK spokesman added.

Richard Brown, director at cyber security firm Arbor Networks, commented: “The financial services industry is a critical part of the UK economy and has always been a lucrative target for attackers because of the sheer value of the data held within it – after cloud and hosting providers, financial services are the most common target for DDoS attacks.”